RPort
Search…
RPort
RPort Knowledge Base
👀
WHAT IS RPORT
Features and benefits of RPort
Screenshots
🚀
GETTING STARTED
Install the RPort Server
Launch RPort in the cloud
Install on-premises
Install on Vultr
Install on Azure
Install on AWS EC2
Install on Digital Ocean
Install on Scaleway
Install on Google Compute
Install on Hetzner Cloud
Install RPort on any virgin cloud VM
Change the FQDN of the RPort server
Enable two factor authentication
Log in with 2FA
Connecting Clients
Using the remote access
Renaming and tagging of clients
Organize clients with groups
Activate the vault
🗣️ NEED HELP?
Troubleshoot common problems
Request Support
🔦
DIGGING DEEPER
Using the API
RPort Technology Explained
Commands and Scripts
The scheduler
File copy and reception
Client Configuration Options
Advanced client management
Updating RPort
Backing up the rport server
Powered By GitBook
Change the FQDN of the RPort server
Learn how to use your own name instead of the random *.user.rport.io hostname

Create your DNS record

If you want to change the FQDN of a RPort server installed via the cloud-installer the first step is to create a DNS A Record that points to the IP address of your virtual machine.
🧨 Do not use a CNAME record pointing to the *.users.rport.io FQDN. Always use an A-record.
The free DNS service of RPort will delete unused hostnames automatically, and your CNAME-record would become orphaned.
We will use rport-server.example.com as an example for the new hostname of your RPort server.
Login to the console of your rport-server using SSH and verify the new DNS record has been set up properly. Execute the following two commands. Both must print the same IP address – the IP address of your RPort server.
1
# Query the DNS
2
$ dig +short rport-server.example.com
3
51.15.51.42
4
5
# Fetch your external IP address
6
$ wget -qO - 'https://api.ipify.org?format=text'
7
51.15.51.42
Copied!

Generate new SSL certificates

If you already have certificates for the new FQDN, you can skip this step.
Stop the RPort server first. To generate new free certificates via Let's Encrypt, execute the following commands.
1
systemctl stop rportd
2
FQDN=rport-server.example.com
3
# Generate
4
certbot certonly -d $FQDN -n \
5
--agree-tos --standalone \
6
--register-unsafely-without-email
7
# Change group ownerships so rport can read the files
8
chgrp rport /etc/letsencrypt/archive/
9
chmod g+rx /etc/letsencrypt/archive/
10
chgrp rport /etc/letsencrypt/live/
11
chmod g+rx /etc/letsencrypt/live/
12
chgrp rport /etc/letsencrypt/archive/$FQDN/
13
chmod g+rx /etc/letsencrypt/archive/$FQDN/
14
chgrp rport /etc/letsencrypt/archive/$FQDN/privkey1.pem
15
chmod g+rx /etc/letsencrypt/archive/$FQDN/privkey1.pem
16
chgrp rport /etc/letsencrypt/live/$FQDN/
17
ls -l /etc/letsencrypt/live/$FQDN/
Copied!

Change the rportd configuration

Change the ssl key and cert

With the new certificates generated, or with your own certificates, open the configuration file /etc/rport/rportd.conf with an editor. Scroll down to the lines where certificates are configured. Certificates are registered twice. In the [server] and [api] section. Change it as shown.
Before (with random *users.rport.io FQDN)
1
# in the [server] section
2
tunnel_proxy_cert_file = "/etc/letsencrypt/live/14apzztqs96l.users.rport.io/fullchain.pem"
3
tunnel_proxy_key_file = "/etc/letsencrypt/live/14apzztqs96l.users.rport.io/privkey.pem"
4
# in the [api] section
5
cert_file = "/etc/letsencrypt/live/14apzztqs96l.users.rport.io/fullchain.pem"
6
key_file = "/etc/letsencrypt/live/14apzztqs96l.users.rport.io/privkey.pem"
Copied!
After (example with your FQDN)
1
# in the [server] section
2
tunnel_proxy_cert_file = "/etc/letsencrypt/live/rport-server.example.com/fullchain.pem"
3
tunnel_proxy_key_file = "/etc/letsencrypt/live/rport-server.example.com/privkey.pem"
4
# in the [api] section
5
cert_file = "/etc/letsencrypt/live/rport-server.example.com/fullchain.pem"
6
key_file = "/etc/letsencrypt/live/rport-server.example.com/privkey.pem"
Copied!
Change the path to the new certificates.

Change the client connect url

The rportd.conf file contains a setting url =, that indicates clients who is their server. You must change this setting to the new hostname. If the client url contains a hostname, you must change it. If it contains an IP address, no changes are needed.
Before (with random *users.rport.io FQDN)
1
url = "http://dtdu7j7pvaxv.users.rport.io:80"
Copied!
After (example with your FQDN)
1
url = "rport-server.example.com"
Copied!
If you client url consist of a hostname you must change this hostname on all clients too in the rport.conf client configuration file.

Change the server URL for sending two-factor tokens via email

If your RPort server is using the default script to send two-factor tokens via email, you must enter the new URL of your server in /usr/local/bin/2fa-sender.sh too.
Open the script with an editor and enter the URL of your RPort server.
Before:
-F url=https://*.users.rport.io 2>&1)
After (example with your FQDN):
-F url=https://rport-server.example.com 2>&1)
Wildcards are not supported for custom domain names.

Start RPortd

Finally, start the rport server again with systemctl start rportd. Type in the new https://<NEW_FQDN> into your browser and check. 🎉
Don't be frightened if clienst appear disconnected. Because the rport server has beend stopped for a while it takes some time to reconnect. But trust, they will all reconnect.
Previous
Install RPort on any virgin cloud VM
Next
Enable two factor authentication
Last modified 4mo ago
Export as PDF
Copy link
Contents
Create your DNS record
Generate new SSL certificates
Change the rportd configuration